Using single EVP_PKEY instance across multiple connections

Hi,

I have an implementation of a multi-threaded HTTP server that I wrote using OpenSSL version 1.0.1g. Currently, on initialization of the server, I load my private key from disk and store it in an EVP_PKEY pointer. Whenever I accept a new connection, I use that same pointer to an EVP_PKEY in my call to SSL_CTX_use_PrivateKey. Is that safe or should I be copying my EVP_PKEY for each connection?

Re: Using single EVP_PKEY instance across multiple connections

On Sun, Jun 29, 2014 at 1:58 PM, Barbe, Charles
<[hidden email]> wrote:
> To expand on this question a little more, is it safe to just create one SSL_CTX* at initialization of my server that will be used each time a new client connects when I do SSL_new(ctx)?
>
Yes.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]